Help- Ive been hacked??
#1
Oh ****
I left my computer on-line all day today whilst at work, when i came home, my shortcuts on the desktop had been renamed. IE. My documents was renamed "You Have been" and my other shortcuts were renamed "hacked"
A Folder had also been deleted, a very specific one which had important stuff in it, the rest of "My Documents" were still there. How has this happened???? More importantly, HOW DO I PROTECT MYSELF?? i have a virus scanner, but ovbiously this hasn't helped!!
I left my computer on-line all day today whilst at work, when i came home, my shortcuts on the desktop had been renamed. IE. My documents was renamed "You Have been" and my other shortcuts were renamed "hacked"
A Folder had also been deleted, a very specific one which had important stuff in it, the rest of "My Documents" were still there. How has this happened???? More importantly, HOW DO I PROTECT MYSELF?? i have a virus scanner, but ovbiously this hasn't helped!!
#3
Cheers Bob
Will this protect me from people using Trojans?? Is there anything ts won't detect that i should be aware of, ive downloaded it and it looks like a nice tool.
Thanks
Andy
Will this protect me from people using Trojans?? Is there anything ts won't detect that i should be aware of, ive downloaded it and it looks like a nice tool.
Thanks
Andy
#4
Scooby Regular
I've been using Zonealarm for about six months now and it appears to work well. Get a lot of intrusions picked up (about six tonight already) - but sometimes it is only your ISP server pinging you back if you have been inactive or similar.
If you are using IE, have you upgraded to the latest version - 5.05, 5.5 or whatever, I can't remember without looking - this has some important ActiveX fixes in it.
If you are using IE, have you upgraded to the latest version - 5.05, 5.5 or whatever, I can't remember without looking - this has some important ActiveX fixes in it.
#5
Scooby Regular
Why did you leave your PC online all day?
Bit silly now wasn't it. You must be on ADSL or something as well - would cost a bomb over the phone line.
Zonealarm is generally good but there have been reports of some protection missing - nothing to worry about though.
DW
Bit silly now wasn't it. You must be on ADSL or something as well - would cost a bomb over the phone line.
Zonealarm is generally good but there have been reports of some protection missing - nothing to worry about though.
DW
#6
Scooby Regular
Join Date: Nov 1998
Location: Bristol
Posts: 1,391
Likes: 0
Received 0 Likes
on
0 Posts
I have been using it for some time now. At first Its a pain, asking you if so and so can use the internet and can this site be used a a server. But I think it gives good protection. The only downfall I can think of is if you use a site that acts as a server for you as Napster etc. If you allow the site to be a server for you perhaps someone could slip in that way. I am not an expert so don't know.
#7
Scooby Senior
Join Date: Feb 2000
Location: West Midlands
Posts: 5,763
Likes: 0
Received 0 Likes
on
0 Posts
Andy,
<B>DO NOT CONNECT TO THE INTERNET ON YOUR HOME PC AGAIN until you have loaded some firewall software (and read the instructions)!!!!</B>
If you have a trojan, it is likely that it will notify the hacker everytime you go on-line.
I use Norton Personal Firewall (plus NAV), but any well know firewall will do for now! If you have an "always on" connection, a firewall is absolutely essential!!!!!!
If you have an alternate way to the internet, check out
<B>DO NOT CONNECT TO THE INTERNET ON YOUR HOME PC AGAIN until you have loaded some firewall software (and read the instructions)!!!!</B>
If you have a trojan, it is likely that it will notify the hacker everytime you go on-line.
I use Norton Personal Firewall (plus NAV), but any well know firewall will do for now! If you have an "always on" connection, a firewall is absolutely essential!!!!!!
If you have an alternate way to the internet, check out
Trending Topics
#9
Cheers for the advice guys
I've installed Zone Alarm and it seems to be detecting everything. I just got this message:
The firewall has blocked Internet access to your computer (NetBIOS Name) from
I've installed Zone Alarm and it seems to be detecting everything. I just got this message:
The firewall has blocked Internet access to your computer (NetBIOS Name) from
#10
Scooby Regular
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by andy6581:
<B>Cheers for the advice guys
I've installed Zone Alarm and it seems to be detecting everything. I just got this message:
The firewall has blocked Internet access to your computer (NetBIOS Name) from
<B>Cheers for the advice guys
I've installed Zone Alarm and it seems to be detecting everything. I just got this message:
The firewall has blocked Internet access to your computer (NetBIOS Name) from
#11
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
Another vote for ZoneAlarm - very good piece of software and it's free
Re your query Andy - that is just one of the Scoobynet servers doing a Netbios name lookup - nothing too serious. However, if you have any doubts - block it! (which is basically what ZoneAlarm will do)
Chris
Re your query Andy - that is just one of the Scoobynet servers doing a Netbios name lookup - nothing too serious. However, if you have any doubts - block it! (which is basically what ZoneAlarm will do)
Chris
#12
Zonealarm is ok for a basic package, its not totally secure though, i tend to use two pieces of software zonealarm and blackice defender.
I've got another one running on a server at home that looks VERY good, not quite as user friendly as zonealarm (which is a large factor in its appeal) but a bit more secure.
I've got another one running on a server at home that looks VERY good, not quite as user friendly as zonealarm (which is a large factor in its appeal) but a bit more secure.
#14
Scooby Regular
iTrader: (7)
Join Date: Jun 2001
Location: Stalking Kate Beckinsale
Posts: 4,265
Likes: 0
Received 0 Likes
on
0 Posts
Yes, zonealarm rocks!
I run it on my server at home with Cable Modem, FULLY configured up and it passes absolutely every
scan test that I throw at it.
Fully protects the server and the 3 PC's behind that.
After downloading, installing and configuring properly,try out somewhere like
I run it on my server at home with Cable Modem, FULLY configured up and it passes absolutely every
scan test that I throw at it.
Fully protects the server and the 3 PC's behind that.
After downloading, installing and configuring properly,try out somewhere like
#18
Hi,
Agree with all mentioned above...
One thing worth pointing out is that Zonealarm and BlaceIce defender etc do not monitor outgoing packets which may leave you susceptible to some trojans and spyware.
AFAIK Norton personal firewall is the only product which monitors both incoming and outgoing packets.
Might be worth checking out other PD utilities which check for known trojans and spyware.. see
Agree with all mentioned above...
One thing worth pointing out is that Zonealarm and BlaceIce defender etc do not monitor outgoing packets which may leave you susceptible to some trojans and spyware.
AFAIK Norton personal firewall is the only product which monitors both incoming and outgoing packets.
Might be worth checking out other PD utilities which check for known trojans and spyware.. see
#20
Can you check where an ip address is from..eg I just received this!
The firewall has blocked Internet access to your computer (ICMP Unreachable) from 213.65.16.250.
whatever this means??
Nito
The firewall has blocked Internet access to your computer (ICMP Unreachable) from 213.65.16.250.
whatever this means??
Nito
#21
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
Alex
ZoneAlarm does check outgoing packets. Any program attempting an outgoing connection (and that is not already configured in your list of installed programs) will be stopped by ZoneAlarm - it will then ask you for permission to deny or allow the connection.
Chris
ZoneAlarm does check outgoing packets. Any program attempting an outgoing connection (and that is not already configured in your list of installed programs) will be stopped by ZoneAlarm - it will then ask you for permission to deny or allow the connection.
Chris
#22
I'd like to know the answer to Nito's Question.
How can i lookup an ip to find it's source, i know you can use "nslookup" in NT but I'm using 98, any ideas?
If i can check the ip's i can then find out whether it's just my isp pinging me, or whether it's an "Intruder".
Further to being originally hacked, i've narrowed it down to a select group of people, and if i can catch them again I'm sure i'll recognise them if i can look up their IP's
Cheers for all the advice guys, maybe we've all learned a bit!
Cheers
Andy
How can i lookup an ip to find it's source, i know you can use "nslookup" in NT but I'm using 98, any ideas?
If i can check the ip's i can then find out whether it's just my isp pinging me, or whether it's an "Intruder".
Further to being originally hacked, i've narrowed it down to a select group of people, and if i can catch them again I'm sure i'll recognise them if i can look up their IP's
Cheers for all the advice guys, maybe we've all learned a bit!
Cheers
Andy
#23
Scooby Regular
Join Date: Nov 1998
Location: Bristol
Posts: 1,391
Likes: 0
Received 0 Likes
on
0 Posts
I get the same as Nito.
Mine's 217.81.141.3 Mine belongs to a German isp thats as far as I got.They been knocking on my door for the last 3 days, 24 hrs a day, every 2 mins.
Nito yours is from Telia Network Services Sweden
You get these thing going to the **** sites They don't know you have left and think you are still on line with them, so i'm told.
Mine's 217.81.141.3 Mine belongs to a German isp thats as far as I got.They been knocking on my door for the last 3 days, 24 hrs a day, every 2 mins.
Nito yours is from Telia Network Services Sweden
You get these thing going to the **** sites They don't know you have left and think you are still on line with them, so i'm told.
#26
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by AlexM:
<B>One thing worth pointing out is that Zonealarm and BlaceIce defender etc do not monitor outgoing packets which may leave you susceptible to some trojans and spyware.
AFAIK Norton personal firewall is the only product which monitors both incoming and outgoing packets.[/quote]
Zonealarm does monitor outgoing packets and will ask for your permission before letting any new program access the net. You may grant this access once only, or for all future accesses. I often get messages pop up to say its blocked access to one of the adservers for some of the 'free-but-with-adverts' programs so I know it works.
Zonealarm also CRC checks each EXE that has been granted access as some trojans rename themselves to iexplore.exe and get out that way (I know the norton firewall didn't catch that originally - don't know if it does now)
I'm behind my own NAT router which is acting as a firewall and I run Zonealarm primarily as protection against trojans!!
As for tracing those IP addresses, if you have a dial up connection for which you get a dynamic IP address (ie different each time) I wouldn't bother - the next time you connect you'll get a different address so they can't keep track of your machine.
Its also common as the last user of that IP address may have dropped the line in the middle of a request and you could just be seeing that response.
If you have a static IP address then it may be worth checking, but unless you can prove continued access attempts (and by that I mean more than just pings) their ISP won't do anything anyway.
If you do want to trace the IP packets then I've always found
<B>One thing worth pointing out is that Zonealarm and BlaceIce defender etc do not monitor outgoing packets which may leave you susceptible to some trojans and spyware.
AFAIK Norton personal firewall is the only product which monitors both incoming and outgoing packets.[/quote]
Zonealarm does monitor outgoing packets and will ask for your permission before letting any new program access the net. You may grant this access once only, or for all future accesses. I often get messages pop up to say its blocked access to one of the adservers for some of the 'free-but-with-adverts' programs so I know it works.
Zonealarm also CRC checks each EXE that has been granted access as some trojans rename themselves to iexplore.exe and get out that way (I know the norton firewall didn't catch that originally - don't know if it does now)
I'm behind my own NAT router which is acting as a firewall and I run Zonealarm primarily as protection against trojans!!
As for tracing those IP addresses, if you have a dial up connection for which you get a dynamic IP address (ie different each time) I wouldn't bother - the next time you connect you'll get a different address so they can't keep track of your machine.
Its also common as the last user of that IP address may have dropped the line in the middle of a request and you could just be seeing that response.
If you have a static IP address then it may be worth checking, but unless you can prove continued access attempts (and by that I mean more than just pings) their ISP won't do anything anyway.
If you do want to trace the IP packets then I've always found
#27
just wanna say thanks for those who replied to this thread.I had no idea about this thing and i now have Zonealarm which fully passed the grc test.
ta!!
scoobynet not such a bunch of girls after all!!
ta!!
scoobynet not such a bunch of girls after all!!
#28
just a quick note. To resolve an IP address to hostname (on a Windows box) open a DOS session and use "ping -a"
i.e.
C:>ping -a 207.46.230.218
yields:
Pinging <B>microsoft.com</B> [207.46.230.218] with 32 bytes of data:
Then use a whois service to find out who has registered the domain.
i.e.
C:>ping -a 207.46.230.218
yields:
Pinging <B>microsoft.com</B> [207.46.230.218] with 32 bytes of data:
Then use a whois service to find out who has registered the domain.
Thread
Thread Starter
Forum
Replies
Last Post
mega_stream
Computer & Technology Related
7
03 April 2002 09:18 PM
TonyBurns
ScoobyNet General
44
15 September 2001 06:14 PM